<?php
/** Copyright 2014 TinPhp Systems, Inc.
 * @author zhangxilian 2013-8-15
 */
if (!defined('IN_TINPHP')) {
    exit('Access Denied');
}

require_once('indexApp.php');

/** 用户资料管理
 * @author ZhangXiLian 2014-09-12 */
class safeController extends IndexAppController {
	
	private $userLogic;
	
	public function __construct() {
        parent::__construct();        
        $this->userLogic = new UserLogic();
	}
 	/** 安全中心 */
 	public function actionDefault(){
 		
 		$userItem = $this->userLogic->getUserItem("*", "ID=?", array($this->user['ID']));
        $userItem['userType'] = $this->userLogic->getUserTypeItem("*", "ID=?",array($this->user['USERTYPE_ID']));
 		$userItem['info'] = $this->userLogic->getUserInfo("*", "ID=".$userItem['INFOID']);
 		
 		
 		T::$tpl->set("userItem", $userItem);
 	}

 	
 	/** 用户密码管理 */
 	public function actionPasswd(){
 		if($_POST['btnsubmit']){
            $newpassword = md5(RequestUtil::getPost('password'));
            $oldpassword = md5(RequestUtil::getPost('oldpassword'));
            $userItem = $this->userLogic->getUserItem("*", "ID=?", array($this->user['ID']));
            if($oldpassword == $userItem['PASSWORD']){
                $dataArr = array();
                $dataArr['PASSWORD'] = $newpassword;
                $up = $this->userLogic->updateFieldVal($dataArr, "ID=".$this->user['ID']);
                if($up){
                    T::$tpl->set("EndJS","$.jBox.tip('保存修改成功！', 'success');");
                }else{
                    T::$tpl->set("EndJS","$.jBox.tip('保存失败请重试..', 'error');");
                }
            }else{
                  T::$tpl->set("EndJS","$.jBox.tip('保存失败,旧密码错误..', 'error');");
            }
        }
 	}

    /** 实名认证 */
    public function actionRealverify(){
        if($_POST['btnsubmit']){
            $userItem = $this->userLogic->getUserItem("*", "ID=?", array($this->user['ID']));
            $userItem['info'] = $this->userLogic->getUserInfo("*", "ID=".$userItem['INFOID']);
            $user_data = $_POST;

            if($user_data){
                foreach($user_data as $k=>$v)
                {
                    $user_data[$k] = htmlspecialchars(addslashes($v));
                }
                $dataArr = array();
                $dataArr['REALNAME'] = $user_data['realname'];
                $dataArr['IDCARD'] = $user_data['idcard'];
                $dataArr['IDCARD_URL'] = $user_data['idcrad_url'];
                $dataArr['IDCARD_URL_BACK'] = $user_data['idcrad_url_back'];
                $dataArr['STATE_REAL'] = 1;
                $up = $this->userLogic->updateInfoVal($dataArr, "ID=".$userItem['INFOID']);

                if($up){
                    return $this->sysMessage("提交成功,请等待审核.",array("返回首页"=>"user.php?ctl=safe"), 3);
                }else{
                     T::$tpl->set("EndJS","$.jBox.tip('保存失败请重试..', 'error');");
                }
                
            }
        }
    }

    /** 修改手机 */
    public function actionMobile(){
        T::$tpl->set("userItem", $this->user);
        $id_code =  $_POST['id_code'];
        if($_POST['btnsubmit']){
            $mobile = $this->user['USERNAME'];
            $mobile_verify = $mobile."||".$id_code;
            if($_SESSION['smscode'] == $mobile_verify){
                unset($_SESSION['smscode']);
                $_SESSION['resetmobile'] = $this->random(6);
                T::$tpl->set("oldverify","1");
            }else{
                 T::$tpl->set("EndJS","$.jBox.tip('旧手机验证失败..', 'error');");
            }
        }
        if($_POST['btnsubmit_reset']){
             $mobile  = htmlspecialchars(addslashes($_POST['mobile']));
             $mobile_verify = $mobile."||".$id_code;
             if($_SESSION['smscode'] == $mobile_verify && $_SESSION['resetmobile']){

                $dataArr = array();
                $dataArr['TEL'] = $mobile;
                $up = $this->userLogic->updateInfoVal($dataArr, "ID=".$this->user['INFOID']);
                if($up){
                     unset($_SESSION['smscode']);
                    return $this->sysMessage("提交成功,请等待审核.",array("返回首页"=>"user.php?ctl=safe"), 3);
                }else{
                     T::$tpl->set("oldverify","1");
                     T::$tpl->set("EndJS","$.jBox.tip('新手机保存失败请重试..', 'error');");
                }

            }else{
                T::$tpl->set("oldverify","1");
                 T::$tpl->set("EndJS","$.jBox.tip('新手机验证失败..', 'error');");
            }
        }
    }

    public function actionsms(){
        T::$tplFile='public/empty';
        if($_GET['smsverify']){
            T::$tplFile='public/empty';
            $mobile = $_SESSION['newmobile'];
            $id_code =  $_GET['id_code'];
            $mobile_verify = $mobile."||".$id_code;
            if($_SESSION['smscode'] == $mobile_verify){
                exit("1");
            }else{
                exit("0");
            }
        }

        $mobile = $_GET['mobile'] ? $_GET['mobile'] : $this->user['USERNAME'];
        $_SESSION['newmobile'] = $mobile;
        $id_code= $this->random(6);
        $_SESSION['smscode'] = $mobile."||".$id_code;//唯一吗，用于扩展验证
        $smsres = $this->sendsms($mobile,$id_code);
        return  $smsres;
    }

    /** 修改支付密码 */
    public function actionPayPasswd(){
        $tp =  htmlspecialchars(addslashes($_GET['tp']));
        T::$tpl->set("tp", $tp);
        T::$tpl->set("userItem", $this->user);
       
        if($_POST['btnsubmit']){
            if($tp=='change'){
                $newpassword = md5(RequestUtil::getPost('password'));
                $oldpassword = md5(RequestUtil::getPost('oldpassword'));
                $userItem = $this->userLogic->getUserItem("*", "ID=?", array($this->user['ID']));
                $nowpassword = $userItem['PAYPASSWORD'] ? $userItem['PAYPASSWORD'] :$userItem['PASSWORD'];
                if($oldpassword == $nowpassword){
                    $dataArr = array();
                    $dataArr['PAY_PASSWORD'] = $newpassword;
                    $up = $this->userLogic->updateFieldVal($dataArr, "ID=".$this->user['ID']);
                    if($up){
                        T::$tpl->set("EndJS","$.jBox.tip('保存修改成功！', 'success');");
                    }else{
                        T::$tpl->set("EndJS","$.jBox.tip('保存失败请重试..', 'error');");
                    }
                }else{
                      T::$tpl->set("EndJS","$.jBox.tip('保存失败,旧密码错误..', 'error');");
                }

            }else{

                $mobile = $this->user['USERNAME'];
                $id_code =  $_POST['id_code'];
                $mobile_verify = $mobile."||".$id_code;
                if($_SESSION['smscode'] == $mobile_verify){
                    $newpassword = md5(RequestUtil::getPost('password'));
                    $dataArr = array();
                    $dataArr['PAY_PASSWORD'] = $newpassword;
                    $up = $this->userLogic->updateFieldVal($dataArr, "ID=".$this->user['ID']);
                    if($up){
                        unset($_SESSION['smscode']);
                        T::$tpl->set("EndJS","$.jBox.tip('保存修改成功！', 'success');");
                    }else{
                        T::$tpl->set("EndJS","$.jBox.tip('保存失败请重试..', 'error');");
                    }
                }else{
                     T::$tpl->set("EndJS","$.jBox.tip('手机验证失败..', 'error');");
                }

            }

        }
    }

    /** 密保问题 */
    public function actionQuestion(){
        T::$tpl->set("userItem", $this->user);
       
        if($_POST['btnsubmit']){
        }
 
    }

}//End CLass
?>
